File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes JDBC and Relational Databases and the fly likes SQL statement not executing. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Databases » JDBC and Relational Databases
Bookmark "SQL statement not executing." Watch "SQL statement not executing." New topic

SQL statement not executing.

Ravi Harishchandra

Joined: Oct 29, 2012
Posts: 17
Hii...the mentioned SQL statement is just not executing, The code is as below:
The error I'm getting is : java.sql.SQLException: Invalid SQL type: sqlKind = UNINITIALIZED
Statement st1 = con.createStatement();
st1.executeUpdate("insert into customer values('"+ id1 +"','"+ name +"','"+ addr +"','"+ cont +"','"+ email+"','" + city +"','" + state + "','" + from +"','" + to + "','"+ room +"','" + adv +"','" + room_no +"','"+ differenceInDays +"')"); // the first statement works absolutely fine, inserting all the values in database.
st1.executeUpdate("update" + room + "set FLAG=1 where RNO = " + room_no +"");// this statement here is not executing, values room and room_no are inserted in database in the above SQL query

Rob Spoor

Joined: Oct 27, 2005
Posts: 20276

Don't you mean update customer set FLAG=1 where RNO = " + room_no? Because room is a value, not the name of a table.

You should also definitely start using PreparedStatement. Right now that code is highly susceptible to SQL injection.

How To Ask Questions How To Answer Questions
Paul Clapham

Joined: Oct 14, 2005
Posts: 19973

It's also susceptible to failing if you get the tiniest thing wrong in that horrible mess of single and double quotes. And it's easy to get that wrong. PreparedStatement makes parametrized queries infinitely easier, you should definitely be using it.
aadhira sharma

Joined: Dec 13, 2012
Posts: 4
Thanks for this link.
chris webster

Joined: Mar 01, 2009
Posts: 2292

  • Try printing your SQL statements out so you can see what your DB is trying to execute. I think your SQL UPDATE needs a space after the "update", for example.
  • But as the others have said, using concatenated SQL strings like this is the wrong approach anyway.
  • Write and test your SQL separately (outside Java) using your database's SQL shell, so you can be sure you've got your SQL right before you start messing around in Java.
  • Then use a PreparedStatement with bind variables in Java for your SQL because it's easier to write/read/maintain, more secure (helps prevent SQL injection) and more efficient (allows your database to re-use the parsed SQL).

  • No more Blub for me, thank you, Vicar.
    I agree. Here's the link:
    subject: SQL statement not executing.
    It's not a secret anymore!